Securing BlazeDS (https)

I wanted to set up a flex/BlazeDS app to ONLY use https and not http at all!

Key lies in setting up the channels in two places:

1) In services-config.xml, comment out the normal my-amf channel and leave the my-secure-amf only

<!–

<channel-definition id=”my-amf”>
<endpoint url=”http://{server.name}:{server.port}/{context.root}/messagebroker/amf”/>
</channel-definition>
–>
<channel-definition id=”my-secure-amf”>
<endpoint url=”https://{server.name}:{server.port}/{context.root}/messagebroker/amfsecure”/>
<properties>
<add-no-cache-headers>false</add-no-cache-headers>
</properties>
</channel-definition>

2) Secondly comment out the same details in the remoting-config.xml file

<default-channels>
<channel ref=”my-secure-amf”/>
<!–          <channel ref=”my-amf”/> –>
</default-channels>

That’s it. Deploy and check. the first screen on http may appear, but nothing thereafter will work unless you use https://

Advertisements

3 Comments

  1. Awesome blog!

    I thought about starting my own blog too but I’m just too lazy so, I guess Ill just have to keep checking yours out.
    LOL,

  2. its not working only work on http://localhost:8400/xyz.html

  3. what needs to be done on the flex side? for some reason i cant seem to get it to work when i am using the secure channel.


Comments RSS TrackBack Identifier URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s